From 123991be256f81f582acefcc78353f90de6dcd92 Mon Sep 17 00:00:00 2001 From: Shane Harvey Date: Tue, 14 Jan 2025 16:43:37 -0800 Subject: [PATCH 1/2] PYTHON-5038 Resolve certificate verify failed: Missing Authority Key Identifier --- test/asynchronous/test_encryption.py | 1 + test/test_encryption.py | 1 + 2 files changed, 2 insertions(+) diff --git a/test/asynchronous/test_encryption.py b/test/asynchronous/test_encryption.py index ef53d8ccd5..6ceb11449f 100644 --- a/test/asynchronous/test_encryption.py +++ b/test/asynchronous/test_encryption.py @@ -2884,6 +2884,7 @@ async def http_post(self, path, data=None): # each request because the server is single threaded. ctx = ssl.create_default_context(cafile=CA_PEM) ctx.load_cert_chain(CLIENT_PEM) + ctx.verify_mode = ssl.CERT_NONE conn = http.client.HTTPSConnection("127.0.0.1:9003", context=ctx) try: if data is not None: diff --git a/test/test_encryption.py b/test/test_encryption.py index 726463c41e..63ad26ffb2 100644 --- a/test/test_encryption.py +++ b/test/test_encryption.py @@ -2866,6 +2866,7 @@ def http_post(self, path, data=None): # each request because the server is single threaded. ctx = ssl.create_default_context(cafile=CA_PEM) ctx.load_cert_chain(CLIENT_PEM) + ctx.verify_mode = ssl.CERT_NONE conn = http.client.HTTPSConnection("127.0.0.1:9003", context=ctx) try: if data is not None: From 23994052e0758c3e640a4015a3205609c019eaf4 Mon Sep 17 00:00:00 2001 From: Shane Harvey Date: Tue, 14 Jan 2025 17:08:12 -0800 Subject: [PATCH 2/2] PYTHON-5038 Disable check_hostname --- test/asynchronous/test_encryption.py | 1 + test/test_encryption.py | 1 + 2 files changed, 2 insertions(+) diff --git a/test/asynchronous/test_encryption.py b/test/asynchronous/test_encryption.py index 6ceb11449f..2b22bd8b76 100644 --- a/test/asynchronous/test_encryption.py +++ b/test/asynchronous/test_encryption.py @@ -2884,6 +2884,7 @@ async def http_post(self, path, data=None): # each request because the server is single threaded. ctx = ssl.create_default_context(cafile=CA_PEM) ctx.load_cert_chain(CLIENT_PEM) + ctx.check_hostname = False ctx.verify_mode = ssl.CERT_NONE conn = http.client.HTTPSConnection("127.0.0.1:9003", context=ctx) try: diff --git a/test/test_encryption.py b/test/test_encryption.py index 63ad26ffb2..9224310144 100644 --- a/test/test_encryption.py +++ b/test/test_encryption.py @@ -2866,6 +2866,7 @@ def http_post(self, path, data=None): # each request because the server is single threaded. ctx = ssl.create_default_context(cafile=CA_PEM) ctx.load_cert_chain(CLIENT_PEM) + ctx.check_hostname = False ctx.verify_mode = ssl.CERT_NONE conn = http.client.HTTPSConnection("127.0.0.1:9003", context=ctx) try: